Zope Subversion Repository

   Zope

Zope: Zope3/trunk/src/zope/app/security/protectclass.py

File: [Zope] / Zope3 / trunk / src / zope / app / security / protectclass.py (download) (as text)
Revision: 11399, Sat Aug 16 00:44:50 2003 UTC (9 years, 10 months ago) by srichter
File size: 3266 byte(s) 
Merging dreamcatcher's TTW Schema branch:

1. Fixed Bug in adding that would cause infinite loops when the menu items
   action was not a valif view or factory id.

2. Extended adding to support more complex views. Until now we only
   supported constructions like "+/AddView=id". Now you are able to say
   "+/AddView/More=id", which means that more information can be carried
   in the URL. This can be used in many ways, including multi-page adding
   wizards. In my case I needed it to pass in the type of the TTW Schema-
   based Content Component.

3. Added Local Menus. This was a pain in the butt, but I think I got a
   fairly nice model, where you can create local Menu Services, and Menus
   are simply named utilities. When active they are menus in the menu
   service. This is very similar to the local interface service and TTW
   Schema.

4. Made some modifications to TTW Schema, cleaned up the code and moved
   the browser code and interfaces to the places they belong.

5. Added a Content Component Definition utility component, which takes a
   Schema and creates a content component for it, including permission
   settings and a menu entry. Currently the menu entry is always made to
   a local 'add_content' menu. I will change this and make it actually a
   screen, where the menu and title of the menu item can be chosen by the
   developer. Mmmh, should I add a factory for the definition as well, so
   that the content component is also available via python?

6. Added a Content Component Instance component that represents an
   instance od a Content Component Definition. You will never directly
   encounter this component, since it is automatically used by the adding
   code of the Content Component Definition.

7. Cleanups by both dreamcatcher and myself.

That's it. For more details see the branch checkin messages. I now consider
the dreamcatcher-ttwschema-branch closed.

##############################################################################
#
# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
# All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.0 (ZPL).  A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
"""Make assertions about permissions needed to access class instances attributes
"""

from zope.app.security.exceptions import UndefinedPermissionError
from zope.app.security.registries.permissionregistry import permissionRegistry

from zope.security.checker import defineChecker, getCheckerForInstancesOf
from zope.security.checker import Checker, CheckerPublic

def checkPermission(permission):
    """Check to make sure that the permission is valid.
    """
    if not permissionRegistry.definedPermission(permission):
        raise UndefinedPermissionError(permission)

def protectName(class_, name, permission):
    "Set a permission on a particular name."

    checkPermission(permission)

    checker = getCheckerForInstancesOf(class_)
    if checker is None:
        checker = Checker({}.get, {}.get)
        defineChecker(class_, checker)

    if permission == 'zope.Public':
        # Translate public permission to CheckerPublic
        permission = CheckerPublic

    # We know a dictionart get method was used because we set it
    protections = checker.getPermission_func().__self__
    protections[name] = permission

def protectSetAttribute(class_, name, permission):
    "Set a permission on a particular name."

    checkPermission(permission)

    checker = getCheckerForInstancesOf(class_)
    if checker is None:
        checker = Checker({}.get, {}.get)
        defineChecker(class_, checker)

    if permission == 'zope.Public':
        # Translate public permission to CheckerPublic
        permission = CheckerPublic

    # We know a dictionart get method was used because we set it
    protections = checker.getSetattrPermission_func().__self__
    protections[name] = permission

def protectLikeUnto(class_, like_unto):
    """Use the protections from like_unto for class_
    """

    unto_checker = getCheckerForInstancesOf(like_unto)
    if unto_checker is None:
        return

    # We know a dictionart get method was used because we set it
    unto_get_protections = unto_checker.getPermission_func().__self__
    unto_set_protections = unto_checker.getSetattrPermission_func().__self__

    checker = getCheckerForInstancesOf(class_)
    if checker is None:
        checker = Checker({}.get, {}.get)
        defineChecker(class_, checker)

    # OK, so it's a hack.
    get_protections = checker.getPermission_func().__self__
    for name in unto_get_protections:
        get_protections[name] = unto_get_protections[name]

    set_protections = checker.getSetattrPermission_func().__self__
    for name in unto_set_protections:
        set_protections[name] = unto_set_protections[name]
webmaster@zope.org

Powered by ViewCVS 1.0-dev 		(Powered by Apache)

ViewCVS and CVS Help